Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/cx1LPAbU3uFEw1SQA4nVyhFmrIs.roa
File: cx1LPAbU3uFEw1SQA4nVyhFmrIs.roa (raw, json)
Hash identifier: QQC0eWPbkNe97iESNO/qBimbEcDclCnKLG3BPadTQZI=
Subject key identifier: 73:1D:4B:3C:06:D4:DE:E1:44:C3:54:90:03:89:D5:CA:11:66:AC:8B
Certificate issuer: /CN=2b3840b5d3c3525981c8616166679de920e350f5
Certificate serial: 0EA81B18
Authority key identifier: 2B:38:40:B5:D3:C3:52:59:81:C8:61:61:66:67:9D:E9:20:E3:50:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KzhAtdPDUlmByGFhZmed6SDjUPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/cx1LPAbU3uFEw1SQA4nVyhFmrIs.roa
Signing time: Wed 26 Jan 2022 09:37:46 +0000
ROA not before: Wed 26 Jan 2022 09:37:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197882
IP address blocks: 130.255.92.0/24 maxlen: 24
130.255.95.0/24 maxlen: 24
130.255.93.0/24 maxlen: 24
130.255.94.0/24 maxlen: 24
185.184.198.0/24 maxlen: 24
185.184.199.0/24 maxlen: 24
185.101.238.0/24 maxlen: 24
185.101.239.0/24 maxlen: 24
185.101.236.0/24 maxlen: 24
185.101.237.0/24 maxlen: 24
185.14.250.0/24 maxlen: 24
185.14.248.0/23 maxlen: 23
159.255.160.0/22 maxlen: 22
159.255.161.0/24 maxlen: 24
159.255.160.0/24 maxlen: 24
159.255.164.0/24 maxlen: 24
159.255.162.0/24 maxlen: 24
159.255.163.0/24 maxlen: 24
31.25.136.0/24 maxlen: 24
31.25.139.0/24 maxlen: 24
31.25.137.0/24 maxlen: 24
31.25.138.0/24 maxlen: 24
31.25.140.0/24 maxlen: 24
31.25.141.0/24 maxlen: 24
2a03:bcc0:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 245898008 (0xea81b18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b3840b5d3c3525981c8616166679de920e350f5
Validity
Not Before: Jan 26 09:37:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=731d4b3c06d4dee144c354900389d5ca1166ac8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:dc:d3:c7:e3:c7:30:1c:3b:59:a8:b8:b5:c4:
a9:fb:71:8a:3b:6c:8c:1f:c2:cf:44:b0:cc:20:79:
00:3a:aa:f8:44:95:6e:94:0a:55:17:90:f3:c1:14:
25:bb:7a:f4:37:53:c5:26:c6:24:5f:fd:a7:93:4c:
64:d7:bc:67:f5:0a:6d:d2:3a:81:7e:aa:1e:89:2c:
a5:79:74:22:f7:2b:32:55:0b:81:03:23:c8:fd:e2:
ef:ef:39:7d:b7:6f:e6:2c:f4:77:3e:b8:08:2d:9e:
a5:2f:81:31:bc:47:55:92:b9:83:59:3e:3e:0a:64:
c6:91:1e:83:1a:d3:05:f1:f4:84:6d:c9:eb:da:4d:
f0:d4:b0:cb:d5:9b:08:ee:c3:43:f6:3d:c0:cf:07:
e2:e9:05:8a:85:5d:e8:5c:50:11:4f:65:fd:2c:d7:
3d:4a:9c:98:a7:8a:29:18:91:d0:26:54:1e:e7:fd:
95:69:72:b4:04:c2:82:0a:72:c4:49:14:1d:2d:67:
fb:25:1c:66:2f:97:2e:ee:b8:8c:eb:7d:8b:0b:8f:
de:a7:43:b8:13:0e:39:c9:e8:79:6c:02:a1:08:fe:
93:77:06:0e:a3:15:e9:04:3a:c6:b5:66:35:2b:b3:
d9:c0:3d:0f:2a:0b:a9:8b:1c:b5:2a:30:6c:44:7d:
ce:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:1D:4B:3C:06:D4:DE:E1:44:C3:54:90:03:89:D5:CA:11:66:AC:8B
X509v3 Authority Key Identifier:
keyid:2B:38:40:B5:D3:C3:52:59:81:C8:61:61:66:67:9D:E9:20:E3:50:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KzhAtdPDUlmByGFhZmed6SDjUPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/cx1LPAbU3uFEw1SQA4nVyhFmrIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/KzhAtdPDUlmByGFhZmed6SDjUPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.136.0-31.25.141.255
130.255.92.0/22
159.255.160.0-159.255.164.255
185.14.248.0-185.14.250.255
185.101.236.0/22
185.184.198.0/23
IPv6:
2a03:bcc0:1::/48
Signature Algorithm: sha256WithRSAEncryption
74:b3:87:1b:f2:1e:d2:5d:b7:15:e0:26:2a:76:04:99:7a:c7:
ed:fe:d7:57:d1:21:45:b0:84:5e:b3:8d:63:6d:3b:1e:e4:37:
24:f4:82:23:90:62:8a:38:2b:58:34:8f:d7:97:a5:0e:07:f9:
50:a8:d5:d0:70:69:b6:8d:8e:5f:74:59:41:2b:76:f3:da:39:
37:47:7f:0a:26:5e:b0:d2:5f:b4:63:c9:ad:1b:80:46:a6:de:
28:83:f8:99:8c:6c:a2:7e:7b:80:be:47:28:70:5a:34:fd:77:
46:64:06:cb:77:c8:05:7d:52:00:85:56:67:f1:f4:d1:f7:c7:
45:0d:8b:39:c0:93:24:a1:7e:1f:b6:35:77:d5:c5:54:68:ca:
9e:f9:c7:00:ce:29:a4:c6:97:42:e3:ed:9f:52:72:31:25:18:
30:7b:45:8d:33:4b:0a:f0:a3:ff:8a:19:1b:9c:21:74:3c:87:
1a:c8:61:f8:85:7e:57:cd:04:c6:87:b4:ef:ab:a7:25:a9:c3:
21:7b:61:56:2e:0e:5e:4c:6d:8f:92:a6:3f:59:89:b8:da:74:
ff:88:d0:6f:35:71:66:ec:5a:04:99:bc:8c:7e:3a:4b:63:1f:
a0:be:1b:80:dc:79:7b:36:7e:f9:be:be:f8:0b:60:3c:b1:c9:
9e:3a:fd:46
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIEDqgbGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YjM4NDBiNWQzYzM1MjU5ODFjODYxNjE2NjY3OWRlOTIwZTM1MGY1MB4XDTIyMDEy
NjA5Mzc0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzMxZDRiM2MwNmQ0
ZGVlMTQ0YzM1NDkwMDM4OWQ1Y2ExMTY2YWM4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO7c08fjxzAcO1mouLXEqftxijtsjB/Cz0SwzCB5ADqq+ESV
bpQKVReQ88EUJbt69DdTxSbGJF/9p5NMZNe8Z/UKbdI6gX6qHokspXl0IvcrMlUL
gQMjyP3i7+85fbdv5iz0dz64CC2epS+BMbxHVZK5g1k+PgpkxpEegxrTBfH0hG3J
69pN8NSwy9WbCO7DQ/Y9wM8H4ukFioVd6FxQEU9l/SzXPUqcmKeKKRiR0CZUHuf9
lWlytATCggpyxEkUHS1n+yUcZi+XLu64jOt9iwuP3qdDuBMOOcnoeWwCoQj+k3cG
DqMV6QQ6xrVmNSuz2cA9DyoLqYsctSowbER9zucCAwEAAaOCAlAwggJMMB0GA1Ud
DgQWBBRzHUs8BtTe4UTDVJADidXKEWasizAfBgNVHSMEGDAWgBQrOEC108NSWYHI
YWFmZ53pIONQ9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0t6aEF0ZFBEVWxtQnlHRmhabWVkNlNEalVQVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvMmI5NWVkLTk4ODItNDJmYS1hOWY1LWFkODBlNzU2ZDI1Ni8x
L2N4MUxQQWJVM3VGRXcxU1FBNG5WeWhGbXJJcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
MmI5NWVkLTk4ODItNDJmYS1hOWY1LWFkODBlNzU2ZDI1Ni8xL0t6aEF0ZFBEVWxt
QnlHRmhabWVkNlNEalVQVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBm
BggrBgEFBQcBBwEB/wRXMFUwQgQCAAEwPDAMAwQDHxmIAwQBHxmMAwQCgv9cMAwD
BAWf/6ADBACf/6QwDAMEA7kO+AMEALkO+gMEArll7AMEAbm4xjAPBAIAAjAJAwcA
KgO8wAABMA0GCSqGSIb3DQEBCwUAA4IBAQB0s4cb8h7SXbcV4CYqdgSZesft/tdX
0SFFsIRes41jbTse5Dck9IIjkGKKOCtYNI/Xl6UOB/lQqNXQcGm2jY5fdFlBK3bz
2jk3R38KJl6w0l+0Y8mtG4BGpt4og/iZjGyifnuAvkcocFo0/XdGZAbLd8gFfVIA
hVZn8fTR98dFDYs5wJMkoX4ftjV31cVUaMqe+ccAzimkxpdC4+2fUnIxJRgwe0WN
M0sK8KP/ihkbnCF0PIcayGH4hX5XzQTGh7Tvq6clqcMhe2FWLg5eTG2PkqY/WYm4
2nT/iNBvNXFm7FoEmbyMfjpLYx+gvhuA3Hl7Nn75vr74C2A8scmeOv1G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:54 2024 by rpki-client on console-fra.rpki-client.org